def all_monitors(account_name, debug=False):
"""
Returns a list of all monitors in the correct audit order which apply to one
or more of the accounts.
"""
monitor_dict = {}
account = get_account_by_name(account_name)
account_manager = account_registry.get(account.account_type.name)()
for watcher_class in watcher_registry.values():
if account_manager.is_compatible_with_account_type(
watcher_class.account_type):
monitor = Monitor(watcher_class, account, debug)
if monitor.watcher.is_active():
monitor_dict[monitor.watcher.index] = monitor
for mon in list(monitor_dict.values()):
if (mon.auditors):
path = [mon.watcher.index]
_set_dependency_hierarchies(monitor_dict, mon, path,
mon.audit_tier + 1)
monitors = sorted(list(monitor_dict.values()),
key=lambda item: item.audit_tier,
reverse=True)
return monitors
def run(self, account, interval=None):
"""Starts the process of watchers -> auditors -> alerters """
app.logger.info("Starting work on account {}.".format(account))
time1 = time.time()
mons = self.get_monitors_to_run(account, interval)
watchers_with_changes = set()
for monitor in mons:
app.logger.info(
"Running slurp {} for {} ({} minutes interval)".format(
monitor.watcher.i_am_singular, account, interval))
# Batch logic needs to be handled differently:
if monitor.batch_support:
from security_monkey.scheduler import batch_logic
batch_logic(monitor, monitor.watcher, account, False)
else:
(items, exception_map) = monitor.watcher.slurp()
monitor.watcher.find_changes(items, exception_map)
if (len(monitor.watcher.created_items) > 0) or (len(
monitor.watcher.changed_items) > 0):
watchers_with_changes.add(monitor.watcher.index)
monitor.watcher.save()
db_account = get_account_by_name(account)
for monitor in self.all_monitors:
# Skip over batched items, since they are done:
if monitor.batch_support:
continue
for auditor in monitor.auditors:
if auditor.applies_to_account(db_account):
items_to_audit = self.get_items_to_audit(
monitor.watcher, auditor, watchers_with_changes)
app.logger.info("Running audit {} for {}".format(
monitor.watcher.index, account))
try:
auditor.items = items_to_audit
auditor.audit_objects()
auditor.save_issues()
except Exception as e:
store_exception('reporter-run-auditor',
(auditor.index, account), e)
continue
time2 = time.time()
app.logger.info('Run Account %s took %0.1f s' % (account,
(time2 - time1)))
self.account_alerter.report()
db.session.close()
def _check_for_override_score(self, score, account):
"""
Return an override to the hard coded score for an issue being added. This could either
be a general override score for this check method or one that is specific to a particular
field in the account.
:param score: the hard coded score which will be returned back if there is
no applicable override
:param account: The account name, used to look up the value of any pattern
based overrides
:return:
"""
for override_score in self.override_scores:
# Look for an oberride entry that applies to
if override_score.method == self.current_method_name + ' (' + self.__class__.__name__ + ')':
# Check for account pattern override where a field in the account matches
# one configured in Settings/Audit Issue Scores
account = get_account_by_name(account)
for account_pattern_score in override_score.account_pattern_scores:
if getattr(account, account_pattern_score.account_field,
None):
# Standard account field, such as identifier or notes
account_pattern_value = getattr(
account, account_pattern_score.account_field)
else:
# If there is no attribute, this is an account custom field
account_pattern_value = account.getCustom(
account_pattern_score.account_field)
if account_pattern_value is not None:
# Override the score based on the matching pattern
if account_pattern_value == account_pattern_score.account_pattern:
app.logger.debug(
"Overriding score based on config {}:{} {}/{}".
format(
self.index, self.current_method_name +
'(' + self.__class__.__name__ + ')', score,
account_pattern_score.score))
score = account_pattern_score.score
break
else:
# No specific override pattern fund. use the generic override score
app.logger.debug(
"Overriding score based on config {}:{} {}/{}".format(
self.index, self.current_method_name + '(' +
self.__class__.__name__ + ')', score,
override_score.score))
score = override_score.score
return score
def run(self, account, interval=None):
"""Starts the process of watchers -> auditors -> alerters """
app.logger.info("Starting work on account {}.".format(account))
time1 = time.time()
mons = self.get_monitors_to_run(account, interval)
watchers_with_changes = set()
for monitor in mons:
app.logger.info("Running slurp {} for {} ({} minutes interval)".format(monitor.watcher.i_am_singular, account, interval))
# Batch logic needs to be handled differently:
if monitor.batch_support:
from security_monkey.scheduler import batch_logic
batch_logic(monitor, monitor.watcher, account, False)
else:
(items, exception_map) = monitor.watcher.slurp()
monitor.watcher.find_changes(items, exception_map)
if (len(monitor.watcher.created_items) > 0) or (len(monitor.watcher.changed_items) > 0):
watchers_with_changes.add(monitor.watcher.index)
monitor.watcher.save()
db_account = get_account_by_name(account)
for monitor in self.all_monitors:
# Skip over batched items, since they are done:
if monitor.batch_support:
continue
for auditor in monitor.auditors:
if auditor.applies_to_account(db_account):
items_to_audit = self.get_items_to_audit(monitor.watcher, auditor, watchers_with_changes)
app.logger.info("Running audit {} for {}".format(
monitor.watcher.index,
account))
try:
auditor.items = items_to_audit
auditor.audit_objects()
auditor.save_issues()
except Exception as e:
store_exception('reporter-run-auditor', (auditor.index, account), e)
continue
time2 = time.time()
app.logger.info('Run Account %s took %0.1f s' % (account, (time2-time1)))
self.account_alerter.report()
db.session.close()
def get_monitors(account_name, monitor_names, debug=False):
"""
Returns a list of monitors in the correct audit order which apply to one or
more of the accounts.
"""
requested_mons = []
account = get_account_by_name(account_name)
account_manager = account_registry.get(account.account_type.name)()
for monitor_name in monitor_names:
watcher_class = watcher_registry[monitor_name]
if account_manager.is_compatible_with_account_type(watcher_class.account_type):
monitor = Monitor(watcher_class, account, debug)
requested_mons.append(monitor)
return requested_mons
def get_monitors(account_name, monitor_names, debug=False):
"""
Returns a list of monitors in the correct audit order which apply to one or
more of the accounts.
"""
requested_mons = []
account = get_account_by_name(account_name)
account_manager = account_registry.get(account.account_type.name)()
for monitor_name in monitor_names:
watcher_class = watcher_registry[monitor_name]
if account_manager.is_compatible_with_account_type(watcher_class.account_type):
monitor = Monitor(watcher_class, account, debug)
if monitor.watcher.is_active():
requested_mons.append(monitor)
return requested_mons
def all_monitors(account_name, debug=False):
"""
Returns a list of all monitors in the correct audit order which apply to one
or more of the accounts.
"""
monitor_dict = {}
account = get_account_by_name(account_name)
account_manager = account_registry.get(account.account_type.name)()
for watcher_class in watcher_registry.itervalues():
if account_manager.is_compatible_with_account_type(watcher_class.account_type):
monitor = Monitor(watcher_class, account, debug)
if monitor.watcher.is_active():
monitor_dict[monitor.watcher.index] = monitor
for mon in monitor_dict.values():
if len(mon.auditors) > 0:
path = [mon.watcher.index]
_set_dependency_hierarchies(monitor_dict, mon, path, mon.audit_tier + 1)
monitors = sorted(monitor_dict.values(), key=lambda item: item.audit_tier, reverse=True)
return monitors
def _check_for_override_score(self, score, account):
"""
Return an override to the hard coded score for an issue being added. This could either
be a general override score for this check method or one that is specific to a particular
field in the account.
:param score: the hard coded score which will be returned back if there is
no applicable override
:param account: The account name, used to look up the value of any pattern
based overrides
:return:
"""
for override_score in self.override_scores:
# Look for an oberride entry that applies to
if override_score.method == self.current_method_name + ' (' + self.__class__.__name__ + ')':
# Check for account pattern override where a field in the account matches
# one configured in Settings/Audit Issue Scores
account = get_account_by_name(account)
for account_pattern_score in override_score.account_pattern_scores:
if getattr(account, account_pattern_score.account_field, None):
# Standard account field, such as identifier or notes
account_pattern_value = getattr(account, account_pattern_score.account_field)
else:
# If there is no attribute, this is an account custom field
account_pattern_value = account.getCustom(account_pattern_score.account_field)
if account_pattern_value is not None:
# Override the score based on the matching pattern
if account_pattern_value == account_pattern_score.account_pattern:
app.logger.debug("Overriding score based on config {}:{} {}/{}".format(self.index, self.current_method_name + '(' + self.__class__.__name__ + ')', score, account_pattern_score.score))
score = account_pattern_score.score
break
else:
# No specific override pattern fund. use the generic override score
app.logger.debug("Overriding score based on config {}:{} {}/{}".format(self.index, self.current_method_name + '(' + self.__class__.__name__ + ')', score, override_score.score))
score = override_score.score
return score